3. Update Router Firmware
Outdated router or firewall firmware is another common issue. Small business network equipment, just like applications and operating systems, needs to be updated for security and bug fixes. The firmware that your small business router and/or firewall shipped with is likely out-of-date within a year, so it's critical to make sure you update it.
Some router vendors have a simple dialogue box that lets you check for new firmware versions from within the router's administration menu. For routers that don't have automated firmware version checking, find the version number in your router admin screen, and then go to the vendor's support site to see if you have the latest version.
4. Block Pings
You can make it harder for attackers by simply setting your network router or firewall so that it won't respond to network pings. Typically the option to block network pings can be found on the administration menu for a firewall and/or router as a configuration option.
5. Scan Yourself
One of the best ways to see if you have open ports or visible network vulnerabilities is to do the same thing that an attacker would do -- scan your network.
By scanning your network with the same tools that security researchers (and attackers) use, you'll see what they see. Among the most popular network scanning tools is the open source nmap tool). For Windows users, the Nmap download now includes a graphical user interface, so it's now easier than ever to scan your network with industry standard tools, for free.
Scan your network to see what ports are open (that shouldn't be), and then go back to your firewall to make the necessary changes.
6. Lock Down IP Addresses
By default, most small business routers use something called DHCP, which automatically allocates IP addresses to computers that connect to the network.
DHCP makes it easy for you to let users connect to you network, but if your network is exploited it also makes it easy for attackers to connect to your network. If your small business only has a set number of users, and you don't routinely have guest users plugging into your network, you might want to consider locking down IP addresses.
On your router/firewall admin page, there is likely a menu item under network administration that will let you specify IP addresses for DHCP users. You'll need to identify the MAC address to which you can then assign an IP (to find your MAC address read What's a MAC Address, and How Do You Find It?).
The benefit of assigning an IP is that when you check your router logs, you'll know which IP is associated with a specific PC and/or user. With DHCP, the same PC could potentially have different IPs over a period of time as machines are turned on or off. By knowing what's on your network, you'll know where problems are coming from when they do arise.